86% of Education Industry Experienced DNS Attack in Past Year
The education industry also has the lowest adoption of network security policy management automation at only 8%, according to a new report.
A report released on Wednesday suggests the education sector is one of the most targeted industries for cyberattacks but is doing very little to stop it.
International Data Corporation’s (IDC) 2019 Global DNS Threat Report provides an inside look into how Domain Name Systems (DNS) have become a primary target for cyberattacks.
“By nature, DNS is an open service to the network, and its mission-critical role for routing application access makes it a primary attack vector and target for hackers,” reads the report.
The report data was gathered from a survey conducted on behalf of EfficientIP of 904 organizations in North America, Europe and Asia during the first quarter of 2019, including those in the manufacturing, financial services, retail, telecom and media, healthcare, education, government and utilities industries.
The new research reveals 86% of education sector respondents experienced under the radar DNS attacks in the past year — the second-highest across all sectors after government. Additionally, 55% of the DNS attacks education institutions experienced were phishing-based.
The education sector is failing to invest in its own security, according to the report, as only 22% of education institutions reported prioritizing the monitoring and analyzing of DNS traffic to meet compliance requirements of data regulations. The education sector also has the lowest adoption of network security policy management automation at only 8%.
“Hackers are always looking for an easy way in, so it is disappointing the education sector is unable to invest in security despite universities and education facilities being a clear priority for hackers,” said David Williamson, CEO of EfficientIP. “When students and professors trust their institutions with sensitive personal information and intellectual property this paints a big target on universities’ backs and makes them responsible for safeguarding it.”
Williamson also addressed the fact that in July, Louisiana declared a state of emergency after three malware attacks on schools.
“We live in an era of governments declaring a state of emergency and officially involving themselves with cyberattacks on schools. Reaching this point means the education sector’s problems are escalating. Education [organizations] need to be more proactive, fully embracing DNS security,” he added. “Otherwise, application downtime and the loss of sensitive and confidential data will keep damaging their reputations, alienating prospective students.”
Additionally, 50% of those surveyed said they currently attempt to mitigate attacks by shutting down servers and services with a further 64% shutting down affected processes and connections.
“Pulling the plug might help stop attacks, but it’s a blunt instrument attempting to stop increasingly sophisticated threats,” reads a press release from EfficientIP regarding the report findings.
Here are some additional overall findings from the survey:
- 82% of respondents experienced a DNS attack
- All surveyed organizations suffered an average of 11 attacks last year, resulting in an annual toll of $7,370,000
- The average number of DNS attacks went from 7.08 in 2018 to 9.45 in 2019
- The average cost per attack increased by 49% from $715,000 in 2018 to $1,000,700 in 2019
- In-house application downtime increased from 31% in 2018 to 63% in 2019
- Compromised websites increased from 33% in 2018 to 45% in 2019
- Sensitive information stolen decreased from 22% in 2018 to 13% in 2019
- 24% of organizations were victims of DNS tunneling last year
The report also offers the following overall recommendations to protect users, apps and data:
- Implement internal threat intelligence to protect your enterprise data and services
- Using real-time DNS analytics helps detect and thwart advanced attacks such as Domain Generating Algorithm (DGA) malware and zero-day malicious domains.
- Make use of DNS for ensuring security compliance
- Integrating DNS with IP Address Management (IPAM) in network security orchestration processes helps automate the management of security policies, keeping them current, consistent and auditable.
- Leverage DNS’s unique traffic visibility in your network security ecosystem to help SOCs accelerate remediation
- Implementing real-time behavioral threat detection over DNS traffic allows qualified security events rather than logs to be sent to Security Information and Event Management (SIEM) systems.
If you appreciated this article and want to receive more valuable industry content like this, click here to sign up for our FREE digital newsletters!
About the Author
Amy Rock, Executive Editor
Amy is Campus Safety’s Executive Editor. Prior to joining the editorial team in 2017, she worked in both events and digital marketing.
Amy has many close relatives and friends who are teachers, motivating her to learn and share as much as she can about campus security. She has a minor in education and has worked with children in several capacities, further deepening her passion for keeping students safe.
Related Content
Leading in Turbulent Times: Effective Campus Public Safety Leadership for the 21st Century
This new webcast will discuss how campus public safety leaders can effectively incorporate Clery Act, Title IX, customer service, “helicopter” parents, emergency notification, town-gown relationships, brand management, Greek Life, student recruitment, faculty, and more into their roles and develop the necessary skills to successfully lead their departments. Register today to attend this free webcast!
[…] regards to schools, the 2019 Global DNS Threat Report found 86% of the education sector experienced under the radar Domain Name Systems (DNS) attacks in […]